Asure Software® Privacy Policy

 

Thank you for using Asure Software.  We are committed to protecting your privacy and, for that reason, we have adopted this Privacy Policy to explain our data collection, use, and disclosure practices for the Asure Software website (asuresoftware.com, together with the mobile version of such site and all related applications, the “Website”) and our services (including the suite of services we provide through our Website, cloud-based services, on-line software products, and mobile and web-based applications, and any other tools, products, or services provided by Asure Software that link to or reference this Privacy Policy, collectively, the “Asure Tools”, together with the Website, the “Services”).  The Website and Services are owned and operated by Asure Software, Inc., a Delaware corporation (“Asure Software”, “we”, “us” or “our”).

If you reside in the State of California, please click here to learn more about your privacy rights. To the extent that there is a conflict between this Privacy Policy and the Privacy Notice for California Residents, the Privacy Notice for California Residents will prevail with respect to California Residents (as defined below) only.

If you reside in the Commonwealth of Virginia or the States of Colorado, Utah, Connecticut, Texas, Oregon, Montana, Delaware, Iowa, Nebraska, New Hampshire, New Jersey, Tennessee, Minnesota, or Maryland, please click here to learn more about your privacy rights. To the extent that there is a conflict between this Privacy Policy and the Privacy Notice for Covered Residents, the Privacy Notice for Covered Residents will prevail with respect to Covered Residents (as defined below) only.

This Privacy Policy applies to information Asure Software collects through the Services, as well as other information provided to us online or offline by third parties, when we associate that information with customers or users of the Website or Services; however, it does not apply to information collected from our employees, contractors, or vendors.  It also does not apply to information that you ask us to share with third parties or that is collected by certain other third parties whose software or services are featured or included in the Website and Services (as further described below).

This Privacy Policy describes, among other things:

  • Personal and other information we collect about you;
  • How we use your information;
  • How we may share your information with third parties; and
  • Your choices regarding the personal information we collect about you.

 

1. Consent

By accessing or using the Services, you consent to this Privacy Policy.  If you do not agree with this Privacy Policy, please do not access or use the Services.  Information gathered through the Services may be transferred, used, and stored in the United States or in other countries where our service providers or we are located.  If you use the Services, you agree to the transfer, use, and storage of your Personal Information (as defined below) in those countries. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. You agree that all transactions relating to the Services or Asure Software are deemed to occur in the United States, where our servers are located.

 

2. Collection of Your Personal and Other Information

When you access or use our Website, we collect your Personal Information. We also collect your Personal Information through your or, if you are the employee of an Asure Software customer, your employer’s register for or use of the Services.  By “Personal Information” we mean information that can identify or reasonably be linked to an individual.

When you access or use our Website, we may collect the following types of Personal Information:

  • Names;
  • Personal or business addresses;
  • Email addresses;
  • Phone numbers;
  • Credit card information (which you submit for payment purposes);
  • If you are using an Asure Software mobile app, precise geolocation; and
  • Information contained in any image, photograph or profile you submit to us.

 

In addition to the types of Personal Information we collect when you use our Website, when you (or, if you are the employee of an Asure Software customer, your employer) registers for or uses the Services, we may also collect the following additional types of Personal Information:

 

  • Social Security numbers;
  • Government-issued identification numbers;
  • Information contained in a credit report you or your employer authorizes us to make;
  • If you are an employee of an Asure Software customer, information your employer provides to us related to your employment in order for us to provide the Services, such as information related to your employment, employment benefits or work history; and
  • Biometric data (as specified in Section 5, below).

 

Certain aspects of the Services may also access certain features of your mobile device, including its camera and location services (GPS), and collect information from those features, such as photographs and your precise location.  You consent to this access.

We also use technology from our third-party service providers to collect user experience data, which reproduces your interactions with the Services, including mouse movements, page scrolling, screen taps, and other actions you take while using the Services.  Reproduced data may include technical and usage data, as well as visual representations of actions you take while using the Services. The technology we use to collect user experience data does not record the contents of your communications with us. Our use of this data is limited to helping us understand how users interact with our Services and to design a better user experience for you.

from our third-party service providers to collect user chat data, which generates a transcript of your communication with us after our conversation has concluded.  Data collected may also include technical and usage data. Our use of this data is limited to providing information you have requested, processing any transactions you have requested, helping us understand how users interact with our Services and to design a better user experience for you.

You may choose not to provide Personal Information or prevent the Services from accessing certain features of your mobile device (subject to the controls offered by your mobile device’s operating system), but this may prevent you from receiving certain features of the Services.

We also collect non-Personal Information relating to the Services, that is, information that does not personally identify an individual.  The non-Personal Information we collect includes how you interact with the Services, information generally collected or “logged” by Internet websites or Internet services when accessed or used by users, and information about your web browser or device accessing or using the Services.

Examples of the non-Personal Information we collect are:

  • The pages of the Website that you viewed during a visit or the features of the Asure Software mobile apps you use;
  • What information, content or advertisements you view or interact with using the Services;
  • Language preferences;
  • The city and state in which you are located (but not your precise geographic location); and
  • Unique identifiers that are not connected and cannot reasonably be connected to your identity.

 

We will not use non-Personal Information to try to identify you, and if we associate any non-Personal Information with information that personally identifies you, then we will treat it as Personal Information. As discussed in more detail below, we sometimes use cookies and other automatic information gathering technologies to gather Personal Information and non-Personal Information.

Information collected by the Services may be collected by us or one of the third parties we utilize in providing the Services (as further described below).

 

3. Use of Your Information

We may use the information we collect to:

  • Assist us in providing, maintaining, and protecting the Services;
  • Set up, maintain, and protect accounts to use the Services;
  • Improve our online operations;
  • Process transactions;
  • Provide customer service;
  • Communicate with you, such as provide you with account- or transaction-related communications, or other newsletters, RSS feeds, and/or other communications relating to the Services;
  • Send or display offers and other content that is customized to your interests or preferences;
  • If you are an employee of an Asure Software customer, for purposes which your employer, or your employers agent, expressly authorizes;
  • Prevent fraud and other misuse;
  • Perform research and analysis aimed at improving our products and services and developing new products or services;
  • Manage and maintain the systems that provide the Services; and
  • Comply with our legal obligations and exercise our legal rights.

 

4. Disclosure of Your Information

We may disclose your Personal Information to third parties as described below.

We may disclose Personal Information to provide the Services, or when you authorize or instruct us to do so, for example, when you use the Services to submit content or profile information. We may also disclose Personal Information and non-Personal Information to Service Providers.  By “Service Providers” we mean companies, agents, contractors, service providers, or others engaged to perform functions on our behalf (such as processing of payments, provision of data storage, hosting of our Website, marketing of our products and services, and conducting audits).   When we use a Service Provider, we require that the Service Provider use and disclose the Personal Information received from us only to provide their services to us or as required by applicable law.

We may also disclose Personal Information and non-Personal Information to Online Tool Providers.  By “Online Tool Provider” we mean a licensor of software that we include in, or use with, the Services, including an API or SDK, that provides a specialized function or service to us and that requires the transmission of Personal Information and/or non-Personal Information to the Online Tool Provider.  Online Tool Providers may have the right to use Personal Information and non-Personal Information about you for their own business purposes.  Use and disclosure of Personal Information and non-Personal Information by an Online Tool Provider is described in its privacy policy.  See Section 6 below for some of the key Online Tool Providers we use.

We may partner with advertisers to provide you with special offers, or to advertise products or services to you.  If you redeem or respond to an offer, we may provide your Personal Information to the advertiser, including your name, email address, and gender. If you answer questions or fill out surveys from an advertiser, we may share information with that advertiser. The advertiser’s privacy policy will govern their use of your information, which may include marketing of other products or services to you.  You should read each advertiser’s privacy policy before providing information to that advertiser.

We may also disclose your Personal Information and non-Personal Information to our business partners. By “business partners,” we mean companies and individuals with whom we jointly offer products or services, or who independently offer you products and services.

We may also disclose your Personal Information to third parties when we believe, in good faith and in our sole discretion, that such disclosure is reasonably necessary to (a) enforce or apply the terms and conditions of the Services, including investigation of potential violations thereof, (b) comply with legal or regulatory requirements or an enforceable governmental request, (c) protect the rights, property or safety of us, our users or other third parties, (d) submit insurance claims, cooperate with insurance investigations, and fulfil insurance subrogation activities, (e) prevent a crime or protect national security, or (f) detect, prevent or otherwise address fraud, security or technical issues.

Finally, we reserve the right to transfer information (including your Personal Information) to a third party in the event of a sale, merger, or transfer of all or substantially all of the assets of our company relating to the Services, or in the unlikely event of a bankruptcy, liquidation, or receivership of our business. We will use commercially reasonable efforts to notify you of such transfer, for example, via email or by posting notice on our Website.

Lastly, we may also disclose non-Personal Information, aggregated with information about our other users, to our clients, merchants, advertisers, investors, potential buyers and other third parties if we deem such disclosure, in our sole discretion, to have sound business reasons or justifications.

 

5. Biometric Data – Collection, Transmission, Retention, and Destruction

For the purposes of this Privacy Policy, “biometric data” may include an individual’s physiological characteristics that can be used, singly or in combination with each other or with other identifying data, to establish individual identity. Examples of biometric data may include, but are not limited to, imagery of the iris, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which a template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted.

In addition, employees/users of an Asure Software customer that use Asure Software devices may provide an iris, finger scan and/or facial geometry scan for user identification and verification and fraud detection purposes, which the technology converts into a template, which is encrypted in transit and at rest. These templates are sometimes called “biometric data”. For purposes of this Privacy Policy, Asure Software broadly includes within the term “biometrics data” the templates created during the enrollment process at an Asure Software device, when an individual punches in and out, and during fraud detection processes, and treats the templates as if they are considered “biometric data” or under applicable laws, even if they do not constitute biometric data under any particular law.

Through this Policy and in other ways, Asure Software complies with laws relating to biometric data.

However, notwithstanding anything Asure Software does for its own compliance with laws relating to biometric data, customers of Asure Software are solely responsible for their own compliance with all applicable laws and regulations relating to biometric data, including, without limitation, the collection, possession, use, capture, access, storage, disclosure, retention, transmission, and/or permanent destruction and/or use of biometric data, and with respect to such customer’s use of Asure Software products and Services for which such customer’s employees/users provide biometric data. Without limiting the foregoing, to the extent required by law, customers of Asure Software should provide their employees and users of devices collecting/using biometric data with notice of such customer’s use of biometrics. Customers of Asure Software should also obtain any necessary informed consents and authorizations from their employees/users. These consents should be valid, compliant with applicable law, and authorize such customers and their vendors (including Asure Software) to collect, possess, capture, access, disclose, retain, store, use, and/or transmit biometrics.

 

6. Cookies and Automatic Information Gathering Technologies

Every time you use the Services (e.g., access a Website page, or navigate to a specific location within an Asure Software mobile app), we collect Personal Information and non-Personal Information (discussed above in Section 2) regarding that use.  For example, to improve our Services, we collect how, when, and which parts of the Services or their features you use.  Also, we may use your device’s unique identifier (UDID) or other unique identifiers to assist us in collecting and analyzing this data.

When you access the Website, to assist us in collecting and storing this non-Personal Information, we may employ a variety of technologies, including “Cookies,” local browser storage, and “web beacons,” “pixels,” or “tags.”  A “Cookie” is a small amount of data a website operator, or a third party whose content is embedded in that website, may store in your web browser and that the website operator or, as applicable, the third party, can access when you visit the website.  A web beacon, pixel or tag is a small, usually-transparent image placed on a web page that allows the operator of that image, which may be the operator of the website you visit or a third party, to read or write a Cookie.

Your operating system and web browser you use to access the Website may allow you to erase information stored in Cookies and local browser storage. But if you do so, you may be forced to login to the Website again, and you may lose some preferences or settings.  You may also be able to set your browser to refuse all website storage or to indicate when it is permitted, but some features of our Website may not function properly without it.  We may use Cookies to keep you logged in, save your preferences for the Website, and to collect information about how you use our Website.

More information about managing Cookies is available here. To learn how to manage privacy and storage settings for your local browser storage, please refer to the end user documentation for your browser.

When you access the Website, an Online Tool Provider may collect information automatically, in which case Personal Information and non-Personal Information it receives are subject to the Online Tool Provider’s privacy policy.  Some Online Tool Providers may allow you to opt out of certain collection and/or uses of your information.  You can read more here:

 

Google Analytics

Meta Pixel

We do not use Cookies or Online Tool Providers to collect information from users of Asure Tools.

 

7. Transparency and Choice; Do Not Track Signals

You may request access to your Personal Information by sending an email to privacy@asuresoftware.com. We will try to locate and provide you with your Personal Information and give you the opportunity to correct this data, if it is inaccurate, or to delete it, at your request.   But, in either case, we may need to retain it for legal reasons or for legitimate business purposes. You may also remove any content that you post to the Services using the deletion or removal options within the Services.  However, we (and you) are not able to control information that you have already shared with other users or made available to third parties through the Services.

If you need further assistance with removing any content you posted through the Services, you can email us at privacy@asuresoftware.com. Removal of your posted content may not ensure complete or comprehensive removal from our computer systems.

We ask individual users to identify themselves and the information requested to be accessed, corrected, or removed before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, would be extremely impractical (for instance, requests concerning information residing on backups), or relate to information that is not associated with your Personal Information.  In any case, where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.   We may also require you to verify your identity to our satisfaction before providing you with access to Personal Information.

Please be aware that if you request us to delete your Personal Information, you may not be able to continue to use the Services.  Also, even if you request that we delete your Personal Information, we may need to retain certain information for a limited period of time to satisfy our legal, audit and/or dispute resolution requirements.

We may use third-party service providers that collect information for interest-based advertising purposes (advertisements that are tailored to your likely interests, based on categories in which you have shown an interest).  To learn more about these third parties and the choices they offer users, please visit the Network Advertising Initiative’s choices page or the Digital Advertising Alliance’s choices page.  If you are reading this Privacy Policy from a mobile device, you can learn more about the DAA’s mobile choices program here. In addition, you may prevent Google’s collection of data generated by your use of the Sites (including your IP address) by downloading and installing a Browser Plugin available at https://tools.google.com/dlpage/gaoptout?hl=en.

We support the development and implementation of a standard “do not track” browser feature that provides customers with control over the collection and use of information about their web-browsing activities. Once a standardized “do not track” feature is released, we intend to adhere to the browser settings accordingly.

You can opt out of receiving marketing e-mails from us by clicking on the “unsubscribe” link in the e-mails.  Please note that it may take up to ten (10) business days for your opt-out request to be processed.  Also, even if you opt out of marketing e-mails, we may continue to send you certain account-related e-mails, such as notices about your account and confirmations of transactions you have requested.

 

8. Residents of Canada

If you have an objection to the use of your Personal Information as described in this Privacy Policy, you may file a complaint by sending an email to privacy@asuresoftware.com.  We will attempt to accommodate your objection or complaint, but you understand that, to the extent you object to our processing of Personal Information that is necessary for us to provide the Services to you, certain features and functionalities of the Services may no longer be available to you.  Nothing in this Privacy Policy prejudices your rights to file a complaint with the Office of the Privacy Commissioner of Canada, and/or with any other applicable data protection authorities.

 

9. Residents of Nevada

We may sell your Personal Information.  However, you may contact us at privacy@asuresoftware.com with questions, and may submit a request to opt out of such sales by completing a form on our Website.

 

10. Children

The Services are not intended for users under 13 years of age.  We do not knowingly collect Personal Information from users under 13 years of age.  We do not authorize users under 13 years of age to use the Services.

 

11. Information Security

We utilize reasonable information security measures to safeguard your Personal Information against unauthorized access, modification, or destruction.  For example, we utilize Transport Layer Security (TLS) or similar encryption technology when sensitive data is transmitted over the Internet, and use firewalls to help prevent external access into our network.  However, no data transmission over the Internet and no method of data storage can be guaranteed to be 100% secure.  Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its security.

We restrict access to Personal Information in our possession to our employees, Service Providers, and Online Tool Providers who need to know that information in order to operate, develop, improve or support our Services.

 

12. Third Party Websites

Please note that the Services may link or integrate with third-party sites, services or apps.   We are not responsible for the privacy or security policies or practices or the content of such third parties.  Accordingly, we encourage you to review the privacy and security policies and terms of service of those third parties so that you understand how they collect, use, share and protect your information.

 

13. Changes to this Policy

We may modify or update this Privacy Policy periodically with or without prior notice by posting the updated policy on this page. You can always check the “Last Updated” date at the top of this document to see when the Privacy Policy was last changed.  If we make any material changes to this Privacy Policy, we will notify you by reasonable means, which may be by e-mail or posting a notice of the changes on our Website or through the Asure Software mobile apps prior to the changes becoming effective.  We encourage you to check this Privacy Policy from time to time.  IF YOU DO NOT AGREE TO CHANGES TO THIS PRIVACY POLICY, YOU MUST STOP USING THE SERVICES AFTER THE EFFECTIVE DATE OF SUCH CHANGES (WHICH IS THE “LAST UPDATED” DATE OF THIS PRIVACY POLICY).

 

14. Questions

To ask questions about our Privacy Policy or to lodge a complaint, contact us at:

Asure Software, Inc.

Email:  privacy@asuresoftware.com

PP-V9.4-PPOL

Privacy Notice for California Residents

This Privacy Notice for California Residents (the “Notice”) supplements the information contained in our Privacy Policy and applies only if you reside in the State of California (you are a “California Consumer”).

For purposes of this Notice “Sell,” “Selling,” “Sale,” or “Sold,” means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, Personal Information to another business or a third party for monetary or other valuable consideration.

“Share”, “Shared,” or “Sharing” means sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, Personal Information to a third party for Cross-context Behavioral Advertising, whether or not for monetary or other valuable consideration.

“Cross-context Behavioral Advertising” means the targeting of advertising to a consumer based on that consumer’s Personal Information obtained from activity across businesses or distinctly-branded websites, applications, or services, other than the business or distinctly-branded website, application, or service with which the consumer intentionally interacts.  (In other words, if we send you an ad based solely on your interaction with us or our Services, this is not Cross-context Behavioral Advertising.)

“Sensitive Personal Information” means Personal Information that is not publicly available and reveals one or more of the following:

  • A consumer’s Social Security, driver’s license, state identification card, or passport number;
  • A consumer’s account log-in, financial account, debit card or credit card number in combination with any required security or access code, password, or credentials allowing access to an account;
  • A consumer’s precise geolocation;
  • A consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership;
  • The contents of a consumer’s mail, email, and text messages unless we are the intended recipient of the communication;
  • A consumer’s genetic or biometric data;
  • A consumer’s neural data; or
  • Personal Information collected and analyzed concerning a consumer’s health, sex life, or sexual orientation.

“Verifiable Request” means that the identifying information provided by a consumer in connection with a request matches the Personal Information of the consumer already maintained by us. Identifying information includes first and last name, contact email address, work email address, phone number, Company name and employee ID (if applicable), and your employer’s EIN or company code.

1. Information We Collect

In the past twelve (12) months, Asure Software has collected the following categories of Personal Information from California residents:

Category Examples Collected
A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.

 YES
C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). YES
D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. YES
E. Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. YES
F. Internet or other similar network activity. Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. YES
G. Geolocation data. Physical location or movements. YES
H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. YES
I. Professional or employment-related information. Current or past job history or performance evaluations. YES
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. NO
K. Inferences drawn from other personal information. Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. NO

 

Asure Software obtains this Personal Information from the following types of sources:

  • Directly from you. For example, from forms you complete or products and services that you purchase.
  • Indirectly from you. For example, from information automatically sent by your web browser or from analyzing data about your actions on our Website.
  • For employees of customers of Asure Software, from your employer. For example, when your employer uploads your Personal Information into a service offered by Asure Software.

 

Additionally, in the past twelve (12) months, Asure Software has collected the following categories of Sensitive Personal Information from California residents:

Category of Sensitive Personal Information Where we Collected It The Purpose(s) for Which we Use it
Your social security, driver’s license, state Identification card, or passport number Directly from you, or from your employer when they disclose it to us. Providing the Service(s) requested by you, or, if you are the employee of one of Asure Software’s Customers, by your employer.
Information revealing your citizenship or immigration status. Directly from you, or from your employer when they disclose it to us. Providing the Service(s) requested by you, or, if you are the employee of one of Asure Software’s Customers, by your employer.
Information revealing union membership. Directly from you, or from your employer when they disclose it to us. Providing the Service(s) requested by you, or, if you are the employee of one of Asure Software’s Customers, by your employer.
Precise Geolocation Data When you use one of our mobile apps Providing the Service(s) requested by you, or, if you are the employee of one of Asure Software’s Customers, by your employer.
Biometric Information Directly from you, or from your employer when they disclose it to us. Providing the Service(s) requested by you, or, if you are the employee of one of Asure Software’s Customers, by your employer.

 

2. Use of Personal Information

Asure Software may use, Sell, Share, or disclose the Personal Information we collect for one or more of the following “Business Purpose(s):”

  • To fulfill or meet the reason you provided the information;
  • To provide our Website, online services, or mobile app;
  • To facilitate Cross-context Behavioral Advertising;
  • To process transactions;
  • To provide customer service;
  • To communicate with you;
  • If you are an employee of an Asure Software customer, for purposes which your employer, or your employers agent, expressly authorizes;
  • To perform research and analysis aimed at improving our products and services and developing new products or services;
  • To prevent fraud and other misuse;
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations;
  • To respond to your requests under the California Consumer Privacy Act of 2018 (the “CCPA”), as amended;
  • To comply with our legal obligations and exercise our legal rights;
  • For any other purpose described to you when we collect your Personal Information; and
  • For any other acceptable purposes as set forth in the CCPA.

 

Additionally, Asure Software may use, Sell, Share, or disclose the Sensitive Personal Information we collect for one or more of the following “Business Purpose(s):”

  • To fulfill or meet the reason you provided the information;
  • To provide our Website, online services, or mobile app;
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations;
  • To respond to your requests under the California Consumer Privacy Act of 2018 (the “CCPA”), as amended;
  • For any other purpose described to you when we collect your Sensitive Personal Information; and
  • For any other acceptable purposes as set forth in the CCPA.

To the extent that we generate any de-identified data sets based on the Personal Information that we collect or receive through the Services, we will never re-identify any such de-identified Personal Information.

Unless we notify you otherwise, we will not collect additional categories of Personal Information, nor use the Personal Information we collect for any other materially different, unrelated, or incompatible purposes.

3. Retention of Personal Information

We retain each category of your Personal Information for no longer than is reasonably necessary for one or more Business Purposes, subject to your right to request we delete your Personal Information. Due to the nature of the services, it is not possible to predict the length of time that we intend to retain your Personal Information. Instead, we use the following criteria to determine whether it remains reasonably necessary to retain your Personal Information for one or more disclosed Business Purpose(s):

  • We need the information to provide you with products or services you have requested;
  • We continue to have a relationship with you or your employer;
  • You or your employer have requested information, products, or services from us;
  • We have a legal right or obligation to continue to retain the information;
  • We have an obligation to a third party that involves the information;
  • Our retention or recordkeeping policies and obligations dictate that we retain the information;
  • We have an interest in providing you with information about our products or services;
  • We have another business purpose for retaining the information;
  • The pendency of any actual or threatened litigation for which we are required to preserve the information;
  • The pendency of applicable statutes of limitations for potential legal claims; and/or
  • The generally accepted best practices in our industry.

When we determine that it is no longer reasonably necessary to retain your Personal Information for one or more disclosed Business Purpose(s) based on the above criteria, we will delete your Personal Information.

4. Disclosure of Personal Information

Asure Software may disclose Personal Information to our “service providers”, to our “contractors”, and to “third parties” (each as defined by the CCPA) for a Business Purpose.  When we disclose Personal Information for a Business Purpose, we enter into an agreement with the receiving party that describes the purpose for sharing the Personal Information, and that requires the receiving party to keep that Personal Information confidential. In the case of disclosures to our “service providers,” our “service providers” are obligated not to use the Personal Information for any purpose other than performing the services according to their agreement with us.  In the case of our “contractors”, our “contractors’ are obligated not to use the Personal Information for any purpose unrelated to the business purpose for which we’ve engaged them.

We may disclose your Personal Information with the following categories of entities: “service providers”, “contractors”, “third party” advertisers, and business partners.

We Sell and/or Share Personal Information, subject to your right to opt-out of those Sales or Sharing, to the following categories of third parties: data aggregators, “third party” advertisers, and business partners.

In the past twelve (12) months, Asure Software has Sold or Shared the following categories of Personal Information about its California Consumers: Identifiers; Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)); protected classification characteristics under California or federal law; commercial information; biometric information; Internet or other similar network activity; and professional or employment-related information.

5. Your Rights and Choices

If you are a California Consumer, you may request information about our collection, use, disclosure and Sale of your Personal Information over the past twelve (12) months, whether or not it was collected electronically. If you submit a Verifiable Request, we will provide you with information regarding:

  • the categories of Personal Information we have collected about you; the categories of sources from which your Personal Information was collected; our Business Purpose for collecting, Selling, or Sharing your Personal Information; the categories of third parties with whom we disclose that Personal Information; and the specific pieces of Personal Information we collected about you; and
  • if we Sold, Shared, or disclosed your Personal Information for a Business Purpose: what categories of Personal Information we Sold or Shared, and to which categories of recipients we Sold or Shared it; and what categories of Personal Information we disclosed for a Business Purpose, and to which categories of recipients we disclosed it.

You also have the right to request a copy of your Personal Information, and/or to request that we transmit your Personal Information to another entity.  To the extent technically feasible, we will comply with your request and provide and/or transmit your Personal Information in a structured, commonly used, machine-readable format.

 

You also have the right to request that we delete any of your Personal Information that we collect or maintain by submitting a Verifiable Request. We may deny your deletion request if retaining your Personal Information is necessary for us or our “service providers” or “contractors” to:

  • Complete the transaction for which we collected your Personal Information, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide goods or services that you requested, take actions reasonably anticipated by you within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
  • Help to ensure security and integrity to the extent the use of your Personal Information is reasonably necessary and proportionate for those purposes;
  • Debug products to identify and repair errors that impair existing intended functionality;
  • Exercise free speech, ensure the right of another consumer to exercise that consumer’s right of free speech, or exercise another right provided for by law;
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.);
  • Engage in public or peer-reviewed scientific, historical, or statistical that conforms or adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the ability to complete such research, if you previously provided informed consent;
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us and compatible with the context in which you provided the information; or
  • Comply with a legal obligation.

 

You further have the right to request that we correct any of your Personal Information that is inaccurate by submitting a Verifiable Request. We will correct any inaccurate Personal Information pursuant to your request to the extent possible using commercially reasonable efforts. We may deny your correction request if the Personal Information is accurate.  We may also delete your Personal Information instead of correcting it to the extent such deletion would not negatively impact you.

If you choose to exercise a privacy right under the CCPA, you have the right not to receive discriminatory treatment.

You may submit a Verifiable Request for the information listed above, or exercise any of your rights enumerated under this Notice, by calling us at (888) 323-8835, or by completing a form on our website, or by email to privacy@asuresoftware.com. You may also submit a request on behalf of your minor child.

After we receive request with the information necessary to locate your records, we will provide to you, in writing and free of charge (unless your request is excessive, repetitive, or manifestly unfounded), the requested information for the 12-month period preceding your request (unless you specifically request disclosure beyond such 12-month period, in which case, we will process your request with respect to Personal Information we have collected during the time period you specify, provided that (a) the earliest date that your request may apply to is January 1, 2022, and (b) processing your request does not require disproportionate effort). You can choose to have this information delivered to you by postal mail, electronically. We will try to respond to your verified request within forty-five (45) days of receipt, but if we require more time (up to another forty-five (45) days) we will inform you of the reason and extension period in writing. Please note that we are not required to comply with your request for information more than twice in any 12-month period. If applicable, our response will explain the reasons why we cannot comply with your request.

Additionally, you have the right to request that we limit the use and disclosure of Sensitive Personal Information by submitting a request though our webform, available here. If you submit such a request, we may continue to use or disclose your Sensitive Personal Information to:

  • Complete the transaction for which we collected your Personal Information, provide goods or services that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
  • Use in a short-term and transient manner, including, but not limited to, to facilitate non-personalized advertising shown as part of your current interaction with the Services, but not including disclosure to third parties or use outside your current interaction with the Services;
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us; or
  • Make any other uses of that information that are permitted by the CCPA and its implementing regulations.

 

If you are 16 years of age or older, you will have the right to direct us to stop Selling or Sharing your Personal Information to third parties at any time. You may opt-out here. However, if you change your mind, you may opt-in to Personal Information Sales at any time by emailing privacy@asuresoftware.com. If you are between 13 and 16 years of age, we will not Sell or Share your Personal Information unless you opt-in here. Consumers who opt-in to Personal Information Sales or Sharing may opt-out of future Sales or Sharing at any time.

Should you choose to exercise any of the rights enumerated under this Notice, we will not:

  • Deny you goods or services;
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
  • Provide you a different level or quality of goods or services; or
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, please be aware that it may be a functional necessity for our Services to have Personal Information about you in order to operate, and we may not be able to provide some or all of our Services to you if you direct us to delete your Personal Information.

Privacy Notice for Covered Residents

This Privacy Notice for Covered Residents (the “Notice”) supplements the information contained in our Privacy Policy and applies only if you reside in the Commonwealth of Virginia or the States of Colorado, Utah, Connecticut, Texas, Oregon, Iowa, Montana, Tennessee, New Hampshire, New Jersey, Delaware, Nebraska, Minnesota, or Maryland (collectively, the “Covered States”) (a resident of any Covered States, a “Covered Consumer”). The Notice applies equally to Covered Consumers unless noted otherwise.

For purposes of this Notice “Sell,” “Selling,” “Sale,” or “Sold,” means the exchange of Personal Information for monetary or other valuable consideration by Asure Software to a third party. “Sell,” “Selling,” “Sale,” or “Sold,” does not include the following:

  • Disclosure of Personal Information to a third party that processes data on behalf of Asure Software;
  • Disclosure of Personal Information to a third party for purposes of providing a product or service requested by you;
  • Disclosure or transfer of Personal Information to an affiliate of Asure Software;
  • Disclosure or transfer of Personal Information to a third party as an asset that is part of a proposed or actual merger, acquisition, bankruptcy, or other transaction in which the third party assumes control of all or part of Asure Software’s assets; and
  • Disclosure of Personal Information that is intentionally made available by you to the general public via a channel of mass media without restricting the Personal Information to a specific audience.

“Sensitive Personal Information” means any of the following: (1) Personal Information revealing racial or ethnic origin, religious beliefs, a mental or physical health condition or diagnosis, sex life or sexual orientation, status as transgender or nonbinary, status as the victim of a crime, or citizenship or citizenship status; (2) genetic or biometric data that may be processed for the purpose of uniquely identifying an individual; (3) Personal Information from a person known to be under 13 years of age; or (4) precise geolocation data. If you are a Colorado Consumer, the definition also includes any inferences made by us based on your personal data that are used to indicate your racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life or sexual orientation, or citizenship or citizenship status.

“Verifiable Request” means the identifying information provided by a consumer in connection with a request matches the Personal Information of the consumer already maintained by us. Identifying information includes your first and last name, contact email address, work email address, phone number, Company name and employee ID (if applicable), and your employer’s EIN or company code.

“Targeted Advertising” means displaying to a consumer an advertisement that is selected based on Personal Information obtained or inferred over time from the consumer’s activities across nonaffiliated websites, applications, or online services to predict consumer preferences or interests. “Targeted Advertising” does not include the following:

  • Advertising to a consumer in response to a consumer request;
  • Advertisements based on activities within our own websites or online applications;
  • Advertisements based on the context of a consumer’s current search query, visit to a website, or online application; or
  • Processing Personal Information solely for measuring or reporting advertising performance, reach, or frequency.

“Profiling” means any form of automated processing of Personal Information to evaluate, analyze, or predict personal aspects concerning an identified or identifiable individual’s economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

“Relevant Data Privacy Law” means the specific data privacy law of the state of which a consumer is a resident: the Virginia Consumer Data Protection Act (“VCDPA”) for a Virginia Consumer, the Colorado Privacy Act (“CPA”) for a Colorado Consumer, the Utah Consumer Privacy Act (UCPA) for a Utah Consumer, the Connecticut Data Privacy Act (CTDPA) for a Connecticut Consumer, the Iowa Consumer Data Protection Act (IACDPA) for an Iowa Consumer, the Montana Consumer Data Privacy Act (MTCDPA) for a Montana Consumer, the Tennessee Information Protection Act (TIPA) for a Tennessee Consumer, the Texas Data Privacy and Security Act (TDPSA) for a Texas Consumer, the Oregon Consumer Privacy Act (OCPA) for an Oregon Consumer, the Delaware Personal Privacy Act (DPDPA) for the a Delaware Consumer, the Minnesota Consumer Data Privacy Act (MNCDPA) for a Minnesota Consumer, the Nebraska Data Privacy Act (NEDPA) for a Nebraska Consumer, the New Hampshire Data Privacy Act (NHDPA) for a New Hampshire Consumer, and the New Jersey Data Privacy Act (NJDPA) for a New Jersey Consumer, and the Maryland Online Data Privacy Act (MODPA) for a Maryland Consumer.

1. Information We Collect or Process

Asure Software has collected or processed the following categories of Personal Information from Covered Consumers:

  • Names;
  • Personal or business addresses;
  • Email addresses;
  • Phone numbers;
  • Social Security numbers;
  • Government-issued identification numbers;
  • Credit card information (which you submit for payment purposes);
  • Information contained in a credit report you or your employer authorizes us to make;
  • If you are an employee of an Asure Software customer, information your employer provides to us related to your employment in order for us to provide the Services, such as information related to your employment benefits or work history;
  • Biometric data and biometric identifiers;
  • If you are using an Asure Software mobile application, precise geolocation; and
  • Information contained in any image, photograph or profile you submit to us.

 

Asure Software obtains this Personal Information from the following types of sources:

 

  • Directly from you. For example, from forms you complete or products and services that you purchase.
  • Indirectly from you. For example, from information automatically sent by your web browser or from analyzing data about your actions on our Website.
  • For employees of customers of Asure Software, from your employer. For example, when your employer uploads your Personal Information into a service offered by Asure Software.

The above-listed categories of Personal Information collected from Covered Consumers may include Sensitive Personal Information. By accessing or using the Services, you consent to the collection and processing of Sensitive Personal Information in the categories listed above.  If you do not consent to the collection and processing of Sensitive Personal Information within these categories, please do not access or use the Services.

If we receive Sensitive Personal Information about you from your employer, you have provided consent to your employer for Asure to process your Sensitive Personal Information. If you are a Covered Consumer who is a Maryland resident, we will only use your Sensitive Personal Information as is strictly necessary to provide or maintain the specific product or service you or your employer requested.

2. Use of Personal Information

Asure Software may use, Sell, or disclose the Personal Information we collect for one or more of the following “Business Purpose(s):”

  • To fulfill or meet the reason you provided the information;
  • To provide our Website, online services, or mobile app;
  • To facilitate Targeted Advertising;
  • To process transactions;
  • To provide customer service;
  • To communicate with you;
  • If you are an employee of an Asure Software customer, for purposes which your employer, or your employers agent, expressly authorizes
  • To perform research and analysis aimed at improving our products and services and developing new products or services;
  • To prevent fraud and other misuse;
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations;
  • To comply with our legal obligations and exercise our legal rights;
  • To respond to your requests under the Relevant Data Privacy Law;
  • For any other purpose described to you when we collect your Personal Information; and
  • For any other acceptable purposes as set forth in the Relevant Data Privacy Law.

Unless we notify you otherwise, we will not collect additional categories of Personal Information, nor use the Personal Information we receive or collect for any purpose that is not reasonably necessary to nor compatible with the purposes disclosed in this Privacy Policy.

3. Disclosures of Personal Information

Asure Software has disclosed your Personal Information as described in this Notice, including the following categories of Personal Information:

  • Names;
  • Personal or business addresses;
  • Email addresses;
  • Phone numbers;
  • Social Security numbers;
  • Government-issued identification numbers;
  • Credit card information (which you submit for payment purposes);
  • Information contained in a credit report you or your employer authorizes us to make;
  • If you are an employee of an Asure Software customer, information your employer provides to us related to your employment in order for us to provide the Services, such as information related to your employment benefits or work history;
  • Biometric data and biometric identifiers;
  • If you are using an Asure Software mobile application, precise geolocation; and
  • Information contained in any image, photograph or profile you submit to us.

 

Asure Software discloses Personal Information to third parties for a Business Purpose that is reasonably necessary or compatible with the purposes disclosed in this Privacy Policy.  When we disclose Personal Information for a Business Purpose, we enter into an agreement with the receiving party that describes the purpose for sharing the Personal Information, and that requires the receiving party to keep that Personal Information confidential.

We may disclose your Personal Information with the following categories of third parties: Service Providers, data aggregators, third parties who assist us with Targeted Advertising, business partners.

We do not process Personal Information for Profiling.

We Sell Personal Information, subject to your right to opt-out of those Sales. Please note that we do not Sell Personal Information of Covered Consumers who are Maryland residents under the age of 18.

We also process Personal Information for Targeted Advertising, subject to your right to opt-out of such processing. Please note that we do not process Personal Information of Covered Consumers who are Maryland residents under the age of 18 for Targeted Advertising.

NOTICE: We may sell your sensitive personal data.

Please note that the above “Notice” does not apply to Covered Consumers who are Maryland residents – we do not Sell the Sensitive Personal Information of Maryland residents.

NOTICE: We may sell your biometric personal data.

Please note that the above “Notice” does not apply to Covered Consumers who are Maryland residents, Colorado residents, or Texas residents – we do not Sell the biometric personal data of Maryland or Texas residents. Additionally, we do not sell the biometric personal data of Illinois residents.

4. Your Rights and Choices

If you are a Covered Consumer, you may request information about our collection and processing of your Personal Information, whether or not it was collected electronically. If you submit a Verifiable Request, we will disclose whether we have collected or processed your Personal Information and allow you to access the Personal Information we have collected, to the extent we continue to retain the Personal Information. To the extent technically feasible, we will disclose this information to you in a readily usable format that allows you to transmit the data to another entity without hindrance. In the event that you make more than (2) requests in any twelve (12) month period, we reserve the right to charge a fee prior to processing any such request(s).

You also have the right to request that we delete any of your Personal Information that we collect or maintain by submitting a Verifiable Request. We may deny your deletion request if retaining your Personal Information is necessary for us or our Service Providers to:

 

  • Complete the transaction for which we collected your Personal Information, provide goods or services that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
  • Prevent or detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or investigate, report, or prosecute those responsible for such activity;
  • Debug products to identify and repair errors that impair existing intended functionality;
  • Engage in public or peer-reviewed scientific or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the achievement of such research, if you previously provided informed consent;
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
  • Cooperate with law enforcement agencies concerning conduct or activities that we reasonably and in good faith believe may violate the law;
  • Comply with a legal obligation; or
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

If you are a Covered Consumer, you further have the right to request that we correct any of your Personal Information that is inaccurate by submitting a Verifiable Request. We will correct any inaccurate Personal Information pursuant to your request, taking into account the nature of the Personal Information and the purposes of the processing of your Personal Information. We may deny your correction request if the Personal Information is accurate.

If you choose to exercise a privacy right under the Relevant Data Privacy Law, you have the right not to receive unlawful discriminatory treatment.

You may submit a Verifiable Request for the information listed above, or exercise any of your rights enumerated under this Notice, by calling us at by calling us at (888) 323-8835, or by completing a form on our website, or by email to privacy@asuresoftware.com. You may also submit a Verifiable Request on behalf of your minor child who is under 13 years of age.

After we receive your Verifiable Request, we will provide to you, in writing, the requested information. You can choose to have this information delivered to you by postal mail or electronically. We will try to respond to your verified request within forty-five (45) days of receipt, but if we require more time (up to another forty-five (45) days) we will inform you of the reason and extension period in writing. If we decline to act on your request for any reason permitted under the Relevant Data Privacy Law, we will notify you of our decision within forty-five (45) day of receiving your request. If applicable, our response will explain the reasons why we cannot comply with your request.

If we deny your request or fail to act on it within the required time period, you may have the right to appeal this decision by submitting a new Verifiable Request in which you conspicuously note that you are appealing a previous decision. We will respond to your verified request to appeal within forty-five (45) days]. If applicable, our response will explain the reasons why we are denying your appeal, and any further steps that may be available to you.

You have the right, at any time, to direct us to stop processing your Personal Information for Targeted Advertising and/or Sale to third parties. You may opt-out of these uses of your Personal Information by submitting a Verifiable Request. However, if you change your mind, you may opt-in to the processing of your Personal Information for Targeted Advertising and/or Sale to third parties at any time by emailing us at privacy@asuresoftware.com. Consumers who opt-in to processing of their Personal Information for Targeted Advertising and/or Sale to third parties may opt-out at any time. If you are a Minnesota, Montana, New Hampshire, or Oregon resident between 13 and 16 years of age, or a New Jersey resident between 13 and 17 years of age, we will not processing your Personal Information for Targeted Advertising and/or Sale to third parties unless you opt-in here. Covered Consumers who opt-in to Personal Information Sales or Sharing may opt-out of future Sales or Sharing at any time.

Asure Software does not and will not, without first obtaining your consent, process your Personal Information for Profiling.

Should you choose to exercise any of the rights enumerated under this Notice we will not:

  • Deny you goods or services;
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
  • Provide you a different level or quality of goods or services; or
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, please be aware that it may be a functional necessity for our Services to have Personal Information about you in order to operate, and we may not be able to provide some or all of our Services to you if you direct us to delete your Personal Information.

5. Retention of Your Information

We retain each category of your Personal Information for no longer than is reasonably necessary for one or more of the above lawful bases for processing, subject to your right to request we delete your Personal Information. Due to the nature of the services, it is not possible to predict the length of time that we intend to retain your Personal Information. Instead, we use the following criteria to determine whether it remains reasonably necessary to retain your Personal Information for one or more disclosed lawful bases for processing:

  • We need the information to provide you with products or services you have requested;
  • We continue to have a relationship with you or your employer;
  • You or your employer have requested information, products, or services from us;
  • We have a legal right or obligation to continue to retain the information;
  • We have an obligation to a third party that involves the information;
  • Our retention or recordkeeping policies and obligations dictate that we retain the information;
  • We have an interest in providing you with information about our products or services;
  • We have another business purpose for retaining the information;
  • The pendency of any actual or threatened litigation for which we are required to preserve the information;
  • The pendency of applicable statutes of limitations for potential legal claims; and/or
  • The generally accepted best practices in our industry.

When we determine that it is no longer reasonably necessary to retain your Personal Information for one or more disclosed lawful bases for processing based on the above criteria, we will delete your Personal Information.

You have Successfully Subscribed!